Skip site navigation (1)Skip section navigation (2)
Date:      Thu, 10 Nov 2005 10:09:22 -0200
From:      "Pedro Paulo de Magalhaes Oliveira Junior" <ppj@netfilter.com.br>
To:        <freebsd-ipfw@freebsd.org>
Subject:   RE: String Match (Cesar)
Message-ID:  <000001c5e5ef$97247320$2d00a8c0@MICROPPJ>
In-Reply-To: <20051110120050.3A6FB16A428@hub.freebsd.org>

Next in thread | Previous in thread | Raw E-Mail | Index | Archive | Help

IMHO this is the main disadvantage of FreeBSD and IPFW.

Sure Linux has a better support on string match for IPS.

----------------------------------------------------------------------

Message: 1
Date: Wed, 9 Nov 2005 11:52:35 -0300
From: "Cesar" <listas@itm.net.br>
Subject: String Match
To: <freebsd-ipfw@freebsd.org>
Message-ID: <002b01c5e53d$38c99d30$f2faa8c0@ironman>
Content-Type: text/plain; format=flowed; charset="iso-8859-1";
	reply-type=original

An interesting thing in iptables is that option to match strings, like this 
example:

iptables -A FORWARD -p TCP -m string --string "BitTorrent protocol" -j 
REJECT --reject-with tcp-reset
iptables -A FORWARD -p TCP -m string --string "GET /announce" -j 
REJECT --reject-with tcp-reset

Did anyone wrote a similar patch to ipfw? or ... Is this something desirable

to ipfw which the developers will put in the future?

Thanks 



------------------------------


-- 
No virus found in this outgoing message.
Checked by AVG Free Edition.
Version: 7.1.362 / Virus Database: 267.12.8/163 - Release Date: 8/11/2005
 




Want to link to this message? Use this URL: <http://docs.FreeBSD.org/cgi/mid.cgi?000001c5e5ef$97247320$2d00a8c0>